将网络加密技术集成到操作系统中

2012 IEEE Sixth International Conference on Software Security and Reliability Companion Pub Date : 2012-06-20 DOI:10.1109/SERE-C.2012.27

Anthony Gabrielson, H. Levkowitz

{"title":"将网络加密技术集成到操作系统中","authors":"Anthony Gabrielson, H. Levkowitz","doi":"10.1109/SERE-C.2012.27","DOIUrl":null,"url":null,"abstract":"Cryptography libraries are inflexible and difficult for developers to integrate with their applications. These difficulties may be contributing to applications, like PGP, that are non-intuitive for end-users and are often used improperly or not at all. In this paper we argue that the best place for cryptography to be implemented is at the Operating System level rather than the current application-layer approach. We introduce and define a new general-purpose network cryptography library that integrates directly with the Operating System. This capability is flexible and easy to adopt because it can be used with the sockets interface, which developers are already familiar with, in addition to creating a general cryptography library that can be used in non-network situations. This technology will allow developers to focus on application usability rather than struggle with the learning curve required to properly use a specific cryptography library as required by current practices.","PeriodicalId":403736,"journal":{"name":"2012 IEEE Sixth International Conference on Software Security and Reliability Companion","volume":"72 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Integrating Network Cryptography into the Operating System\",\"authors\":\"Anthony Gabrielson, H. Levkowitz\",\"doi\":\"10.1109/SERE-C.2012.27\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cryptography libraries are inflexible and difficult for developers to integrate with their applications. These difficulties may be contributing to applications, like PGP, that are non-intuitive for end-users and are often used improperly or not at all. In this paper we argue that the best place for cryptography to be implemented is at the Operating System level rather than the current application-layer approach. We introduce and define a new general-purpose network cryptography library that integrates directly with the Operating System. This capability is flexible and easy to adopt because it can be used with the sockets interface, which developers are already familiar with, in addition to creating a general cryptography library that can be used in non-network situations. This technology will allow developers to focus on application usability rather than struggle with the learning curve required to properly use a specific cryptography library as required by current practices.\",\"PeriodicalId\":403736,\"journal\":{\"name\":\"2012 IEEE Sixth International Conference on Software Security and Reliability Companion\",\"volume\":\"72 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-06-20\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 IEEE Sixth International Conference on Software Security and Reliability Companion\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SERE-C.2012.27\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 IEEE Sixth International Conference on Software Security and Reliability Companion","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SERE-C.2012.27","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

加密库不灵活，开发人员很难将其与应用程序集成。这些困难可能会导致应用程序(如PGP)对最终用户来说不直观，并且经常使用不当或根本不使用。在本文中，我们认为实现加密的最佳位置是在操作系统级别，而不是当前的应用层方法。我们引入并定义了一个直接与操作系统集成的新的通用网络加密库。此功能灵活且易于采用，因为除了创建可在非网络情况下使用的通用加密库之外，它还可以与开发人员已经熟悉的套接字接口一起使用。这项技术将允许开发人员专注于应用程序的可用性，而不是根据当前实践的要求，与正确使用特定加密库所需的学习曲线作斗争。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Integrating Network Cryptography into the Operating System

Cryptography libraries are inflexible and difficult for developers to integrate with their applications. These difficulties may be contributing to applications, like PGP, that are non-intuitive for end-users and are often used improperly or not at all. In this paper we argue that the best place for cryptography to be implemented is at the Operating System level rather than the current application-layer approach. We introduce and define a new general-purpose network cryptography library that integrates directly with the Operating System. This capability is flexible and easy to adopt because it can be used with the sockets interface, which developers are already familiar with, in addition to creating a general cryptography library that can be used in non-network situations. This technology will allow developers to focus on application usability rather than struggle with the learning curve required to properly use a specific cryptography library as required by current practices.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 IEEE Sixth International Conference on Software Security and Reliability Companion

自引率

0.00%

发文量